Skycaiji
by Zorlan
Source repositories
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-44351 | Cri | 0.64 | 9.8 | 0.01 | Dec 7, 2022 | Skycaiji v2.5.1 was discovered to contain a deserialization vulnerability via /SkycaijiApp/admin/controller/Mystore.php. | ||
| CVE-2018-11371 | Hig | 0.57 | 8.8 | 0.01 | May 22, 2018 | SkyCaiji 1.2 allows CSRF to add an Administrator user. | ||
| CVE-2025-1799 | Med | 0.41 | 6.3 | 0.00 | Mar 1, 2025 | A vulnerability, which was classified as critical, was found in Zorlan SkyCaiji 2.9. This affects the function previewAction of the file vendor/skycaiji/app/admin/controller/Tool.php. The manipulation of the argument data leads to server-side request forgery. It is possible to… | ||
| CVE-2025-1791 | Med | 0.41 | 6.3 | 0.00 | Mar 1, 2025 | A vulnerability has been found in Zorlan SkyCaiji 2.9 and classified as critical. This vulnerability affects the function fileAction of the file vendor/skycaiji/app/admin/controller/Tool.php. The manipulation of the argument save_data leads to unrestricted upload. The attack can… | ||
| CVE-2020-18878 | Med | 0.35 | 5.3 | 0.02 | Aug 20, 2021 | Directory Traversal in Skycaiji v1.3 allows remote attackers to obtain sensitive information via the component 'index.php?m=admin&c=Tool&a=log&file=D%3A%5CphpStudy%5CWWW%5Cindex.php'. | ||
| CVE-2024-6252 | Low | 0.16 | 2.4 | 0.00 | Jun 22, 2024 | A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Task Handler. The manipulation of the argument onerror leads to cross site scripting. The attack can be launched… |
- risk 0.64cvss 9.8epss 0.01
Skycaiji v2.5.1 was discovered to contain a deserialization vulnerability via /SkycaijiApp/admin/controller/Mystore.php.
- risk 0.57cvss 8.8epss 0.01
SkyCaiji 1.2 allows CSRF to add an Administrator user.
- risk 0.41cvss 6.3epss 0.00
A vulnerability, which was classified as critical, was found in Zorlan SkyCaiji 2.9. This affects the function previewAction of the file vendor/skycaiji/app/admin/controller/Tool.php. The manipulation of the argument data leads to server-side request forgery. It is possible to…
- risk 0.41cvss 6.3epss 0.00
A vulnerability has been found in Zorlan SkyCaiji 2.9 and classified as critical. This vulnerability affects the function fileAction of the file vendor/skycaiji/app/admin/controller/Tool.php. The manipulation of the argument save_data leads to unrestricted upload. The attack can…
- risk 0.35cvss 5.3epss 0.02
Directory Traversal in Skycaiji v1.3 allows remote attackers to obtain sensitive information via the component 'index.php?m=admin&c=Tool&a=log&file=D%3A%5CphpStudy%5CWWW%5Cindex.php'.
- risk 0.16cvss 2.4epss 0.00
A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Task Handler. The manipulation of the argument onerror leads to cross site scripting. The attack can be launched…